AI risk research
The optional counterparty-ai package adds
qualitative, advisory risk context using an LLM with native tool use. It plugs into the
same RiskStrategy seam as the rule-based default.
The AI never decides hard pass/fail. It consumes the finished report as ground truth, grounds every claim in a tool’s source URL (no source means inconclusive), and forces human review below a confidence threshold. Output is advisory only.
A separate package on purpose: prompts change often and must not bump the core’s version.
Guarantees
- Advisory only. Sanctions hits and VAT status stay deterministic in the report; the AI cannot override them.
- Grounded. Only findings with a source URL become
Evidence; ungrounded claims are dropped to “needs review”. - Human-in-the-loop.
requiresHumanReview()is true on any adverse finding, any ungrounded claim, any inconclusive/adverse hard fact, or when confidence is below the threshold. - Bounded cost. Results are PSR-16 cached by counterparty + report + prompt version.
Wiring
use Gawrys\Counterparty\Ai\AiRiskStrategy;
use Gawrys\Counterparty\Ai\Prompt\RiskPromptBuilder;
use Gawrys\Counterparty\Ai\Research\AnthropicResearchProvider; // or OpenAiResearchProvider
use Gawrys\Counterparty\Ai\Tool\{RegistryTool, ReportLookupTool};
$strategy = new AiRiskStrategy(
provider: new AnthropicResearchProvider($http, $apiKey),
promptBuilder: new RiskPromptBuilder(),
tools: [new RegistryTool($registries), new ReportLookupTool()],
cache: $psr16Cache,
reviewThreshold: 0.6,
);
$verifier = new Verifier($checks, $strategy, $clock);
In this section
- Providers - Anthropic, OpenAI, and writing your own.
- Native tool use - how the model calls registry/report/web tools.
- Custom tools - expose your own data to the model.
- Testing - deterministic, offline tests with fakes and cassettes.